I looked at the HTS articles and that helped a tad but not enough. I was told by multiple sites that the key was to use ( ' or 1=1--) as the username and password.. I tried several combinations but nothing seems to work!? Could someone please tell me where I went wrong with the sql?

I know how to solve this challenge, but whenever I try, I get logged out from hackthissite.org, which brings me to the "require_auth" error screen.

Google tells me other people have had this problem before, but I didn't find a solution. I have tried restarting Firefox and deleting my cookies, achieving nothing.

The problem does not occur when I re-solve a mission I already completed.

What can I do to resolve this?

- arivor

PS: Took me a while to even try an SQL injection since that site seems so small. I'd expected a simpler form of authorization, like in the basic challenges.

EDIT: Just solved realistic mission #3, and the problem does not occur there. However, mission #2 still logs me out.EDIT2: Also happens with realistic mission #8.EDIT3: Incidentally, both #2 and #8 log me out on entering an SQL injection. No idea if correlation implies causation here.

I was just wondering if that was something that should be accessible. I dont know enough to tell if that is important at all or not. Maybe im over thinking it lol... Thanks in advance for any responses!

by Variable not Defined on Fri Mar 28, 2014 8:14 am ([msg=80057]see Re: Please ask questions ONLY in this topic.[/msg])

So to make this easy for anyone else who stumbles through this and think's they'll never figure it out, every link provided has the answer. They were poorly explained however. I found http://sqlzoo.net/hack/index.html to work the best as far as explanation of how it works and what each comment does.